f8a811f8a06345133d631e8c1824c4bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f8a811f8a06345133d631e8c1824c4bc_JaffaCakes118
Size

144KB
MD5

f8a811f8a06345133d631e8c1824c4bc
SHA1

534d95188f6920a94aaf343e81aee55e9a4f609f
SHA256

d9daf7341783928882805f12280ad7d30aad806d6e224e566d0d55b5a0b4022d
SHA512

86e0d244a6b7d1d56e9475a44393d10cb13605ef249c0929dff2cf95b30aa6e0fd3c005a9bd3ff9b99c1d1cda9681124ac063183f4de17b33ba329c16e55b739
SSDEEP

1536:h5NfG6uKeE5AnhzqMHngirNZ6CrN963sOBmWK72m7v1KTl9s3fqMh/HkUSXdrk4y:h5DAAi+668T20vrdtwIKFt3Vh1gx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f8a811f8a06345133d631e8c1824c4bc_JaffaCakes118

Files

f8a811f8a06345133d631e8c1824c4bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1fc69a42c2c6d19b1b79228c9b7490f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadReadPtr
GetModuleFileNameA
CloseHandle
ReadFile
GetFileSize
CreateFileA
FreeLibrary
LoadLibraryA
LCMapStringA
FlushFileBuffers
HeapFree
HeapReAlloc
HeapAlloc
ExitProcess
SetStdHandle
LCMapStringW
IsBadCodePtr
SetUnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
SetFilePointer
GetStringTypeW
GetProcessHeap
GetOEMCP
GetACP
GetCPInfo
RaiseException
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
IsBadWritePtr
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetLastError
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
GetVersion
GetCommandLineA
GetStartupInfoA
LocalSize
RtlMoveMemory
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
GetProcAddress
GetStringTypeA
GetModuleHandleA

user32

GetIconInfo
DestroyIcon
MoveWindow
GetSystemMetrics
DrawIconEx
MessageBoxA
wsprintfA

shell32

ord727
SHGetFileInfoA

comctl32

ImageList_GetImageCount
ImageList_Destroy
ImageList_GetIcon

ole32

StringFromGUID2
GetHGlobalFromStream
CreateStreamOnHGlobal
CLSIDFromString

gdiplus

GdipCreateMatrix
GdipTranslateMatrix
GdipRotateMatrix
GdipSetWorldTransform
GdipDrawImage
GdipResetWorldTransform
GdipDeleteMatrix
GdipCreateBitmapFromResource
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromGdiDib
GdipCreateBitmapFromGraphics
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipSetInterpolationMode
GdipDeleteBrush
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromFileICM
GdipGetPropertyIdList
GdipGetPropertyCount
GdipRemovePropertyItem
GdipSetPropertyItem
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageRotateFlip
GdipImageSelectActiveFrame
GdipFillRectangle
GdipImageGetFrameDimensionsCount
GdipImageGetFrameCount
GdipGetImageThumbnail
GdipSetImagePalette
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageRawFormat
GdipGetImageFlags
GdipGetImageVerticalResolution
GdipGetImageHorizontalResolution
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageBounds
GdipGetImageDimension
GdipGetImageType
GdipSaveAddImage
GdipSaveAdd
GdipSaveImageToStream
GdipSaveImageToFile
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipGetEncoderParameterList
GdipGetEncoderParameterListSize
GdipCloneImage
GdipLoadImageFromStream
GdipLoadImageFromStreamICM
GdipLoadImageFromFile
GdipLoadImageFromFileICM
GdipDisposeImage
GdipFree
GdipAlloc
GdipDeleteGraphics
GdipCreateSolidFill
GdipGetImageGraphicsContext
GdipBitmapSetResolution
GdipBitmapSetPixel
GdipBitmapGetPixel
GdipCloneBitmapAreaI
GdipCloneBitmapArea
GdipCreateHICONFromBitmap
GdipImageGetFrameDimensionsList
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHICON

gdi32

DeleteObject
CreateCompatibleDC
DeleteDC
GetDIBits
SelectObject
CreateDIBSection
GetObjectW

shlwapi

PathFileExistsA

Sections

.text
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f1fc69a42c2c6d19b1b79228c9b7490f

Headers

File Characteristics

Imports

kernel32

user32

shell32

comctl32

ole32

gdiplus

gdi32

shlwapi

Sections

.text Size: 100KB - Virtual size: 98KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 20KB - Virtual size: 71KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 100KB - Virtual size: 98KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 20KB - Virtual size: 71KB

.rsrc
Size: 12KB - Virtual size: 9KB